package com.woniuxy.shiro;

import org.apache.shiro.codec.Base64;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.io.UnsupportedEncodingException;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    //配置领域类
    @Bean
    public AdminRealm AdminRealm() {
        return new AdminRealm();
    }
    //配置安全管理器
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //注册领域
        securityManager.setRealm(AdminRealm());
        //注册rememberMe
        securityManager.setRememberMeManager(cookieRememberMeManager());
        return securityManager;
    }
    /**
     * Shiro过滤器
     * 用于进行前置请求过滤
     * 在没有登陆的情况可以访问那些资源，不能访问那些资源，如果访问了非法资源，跳转到那个网页
     * @return
     * @throws UnsupportedEncodingException
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter() throws UnsupportedEncodingException {
        //实例化Filter工厂
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //注册securityManager
        shiroFilterFactoryBean.setSecurityManager((org.apache.shiro.mgt.SecurityManager) securityManager());
        //设置Shiro过滤器过滤规则
        //LinkHashMap是有序的，shiro会根据添加的顺序进行拦截,匹配到过滤器后就执行该过滤器不会在继续向下查找过滤器
        Map<String,String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
        //配置不会被拦截地址规则
        //地址规则格式：参数1：地址   参数2：访问限制
        //anon:所有的url都可以不登陆的情况下访问
        //authc：所有url都必须认证通过才可以访问
        //user:登陆或者记住我都能访问
        //static地址下的请求无须登陆可以访问
        filterChainDefinitionMap.put("/js/**","anon");
        filterChainDefinitionMap.put("/css/**","anon");
        filterChainDefinitionMap.put("/img/**","anon");
        filterChainDefinitionMap.put("/fonts/**","anon");
        //登陆页面，无须登陆直接访问
        filterChainDefinitionMap.put("/page/login.html", "anon");
        //登陆请求，无须登陆直接访问
        filterChainDefinitionMap.put("/login", "anon");
        //当收到lonout请求时，执行注销功能
        filterChainDefinitionMap.put("/logout", "logout");
        //如果不满足上方所有的规则 则需要进行登录验证
        filterChainDefinitionMap.put("/**", "user");
        //未登录时重定向的网页地址
        shiroFilterFactoryBean.setLoginUrl("/page/login.html");
        //将地址过滤规则设置到Filter工厂中
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        //返回
        return shiroFilterFactoryBean;
    }
//
//
    @Bean
    public CookieRememberMeManager cookieRememberMeManager() {
        //实例化rememberme管理器
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        //定义Cookie cookie的名字为rememberMe
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        //定义Cookie的有效时间(s)
        //7天
        cookie.setMaxAge(604800);
        //将cookie设置到rememberme管理器中
        cookieRememberMeManager.setCookie(cookie);
        //设置cookie的值的加密密钥（设置用户数据序列化以后采用的加密密钥）
        cookieRememberMeManager.setCipherKey(Base64.decode("6ZmI6I2j5Y+R5aSn5ZOlAA=="));
        return cookieRememberMeManager;
    }
    /*
     * 权限
     */
//	@Bean
//	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
//		AuthorizationAttributeSourceAdvisor advisor=new AuthorizationAttributeSourceAdvisor();
//	    advisor.setSecurityManager(securityManager());
//	    return advisor;
//	}
//	@Bean
//	public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
//		DefaultAdvisorAutoProxyCreator app=new DefaultAdvisorAutoProxyCreator();
//	    app.setProxyTargetClass(true);
//	    return app;
//	}
}
